Jump to content
  • Major news sites serve porn after vid.me domain takeover

    Karlston

    • 587 views
    • 3 minutes
     Share


    • 587 views
    • 3 minutes

    Major news sites serve porn after vid.me domain takeover

    Major news sites including The Washington Post, New York Magazine, and HuffPost, saw their stories now displaying porn videos instead of the once-embedded intended ones.

     

    The fiasco happened as prominent websites relied on the domain vid.me to embed streaming videos in their articles.

     

    The vid.me domain has been defunct for about four years and has had its ownership transferred over time to different parties.

    For those who prefer to watch... 'Right in front of my salad?'

    Websites of major news outlets such as The Washington Post, New York Magazine, and Huffpost, among others, shocked readers when their stories displayed NSFW videos, with no relevance to the story.

     

    As seen by BleepingComputer today, unfortunately, some news sites are still stuck with this mess:

    vidme embed example
    An example of a news story still showing embedded NSFW videos replacing the legitimate ones 

    The incident, first reported by Motherboard, was spotted yesterday by a user DOXIE, who has shared many more examples in their Twitter thread:

     

    How did this happen?

    Essentially, the affected sites had been relying on the video streaming provider, Vidme, to embed streaming content.

     

    To do so, websites would use HTML iframes to display the videos hosted on the vid.me domain:

    iframe embedding videos
    HTML iframe would previously display a legitimate video (BleepingComputer)

    However, Vidme has long been defunct. 

     

    In 2017, Vidme shut down its operations with vid.me's homepage showing a farewell message:

    vidme site farewell
    Farewell message previously displayed on Vid.me site since 2017 (BleepingComputer)

    A blog post followed stating Vidme had been acquired by Giphy. Any hosted videos were scheduled for deletion on December 15th, 2017.

     

    In practice, this meant, those iframes embedding hosted videos would have ideally shown nothing or, maybe an error message under usual circumstances.

     

    But, according to WHOIS results, vid.me domain's ownership and/or registration was updated sometime this month.

     

    DOXIE hypothesized that the domain had expired and was taken over by a porn company, "5 Star HD Porn" which now redirects all vid.me links to the porn site.

     

    As such, all of the websites previously embedding content from Vidme via iframes were now serving hardcore porn.

     

    Some have cheekily surmised if this counts as a supply-chain incident.

     

    5 Star HD Porn who now apparently owns the vid.me domain, did not respond to Motherboard's request for comment.

     

    Suffice to say, if you were previously using Vidme to host content on your website, it makes sense to purge any and all links to the defunct service.

     

    Readers who prefer to block content from this domain from appearing in unexpected places can add vid.me to their system's hosts file, as suggested by tech lawyer Neil Brown.

     

    There's a tutorial on BleepingComputer explaining how to accomplish this. Adding the following line to your hosts file (without http://) should suffice:

     
    127.0.0.1 vid.me

     

     

    Major news sites serve porn after vid.me domain takeover


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...